Audit Active Directory Attack Paths with Bloodhound
In our experience working with SMB and enterprise IT teams, it is often unknown just how far and...
Do you have resources on prem? In the cloud? How about in multiple clouds? How do you access them...
In this blog post we cover a widespread phishing campaign Recon recently observed targeting...
This guide will walk you through using CanaryTokens.org to generate a token and how to use that...
The recent Log4j vulnerability (CVE-2021-44228) is unprecedented in its global scope and impact....
In July, Eric & Whitney gave a talk titled "Breaches Be Crazy" at the SANS DFIR Summit outlining...
The Recon incident response team recently responded to a case of business email compromise. The...
Now that we've normalized and enriched our events, let's get into the actual threat detection logic...
In my previous post, I explained the fundamental purpose and use cases of pipelines in Graylog –...
If you are here hoping to learn more about using Graylog for the purpose of monitoring the security...